The Daily WTF: Curious Perversions in Information Technology
Welcome to TDWTF Forums Sign in | Join | Help
in Search
TheDailyWTF.com Forums
TDWTF Forums » The Daily WTF » "Side Bar" WTF » DO NOT click on these links!

DO NOT click on these links!

Last post 06-27-2009 8:00 AM by dhromed. 13 replies.
Page 1 of 1 (14 items)
Sort Posts: Previous Next

  • 06-26-2009 5:32 AM

    DO NOT click on these links!

    Reply Contact

    I just received the mail below from our IT Support staff. They conveniently kept the link alive in their company-wide mail. Just to make sure everybody here has an equal opportunity to install it, I suppose?

     

    FYI: I moved the link from the href to the tooltip ...

     

    >>>>>>>>>>>>>>>>>>>>>>>>>

     

    QUICK REMINDER

     

    DO NOT click on these links!

     

    Microsoft does not send reminders for updates, this is done by Windows Update (automatically)

     

     

    From: Microsoft Customer Support [mailto:no-reply@microsoft.com]
    Sent: vrijdag 26 juni 2009 11:04
    To:
    Subject: Microsoft Outlook Update

     

    Critical Update

    Update for Microsoft Outlook / Outlook Express (KB910721)

    Brief Description

    Microsoft has released an update for Microsoft Outlook / Outlook Express. This update is critical and provides you with the latest version of the Microsoft Outlook / Outlook Express and offers the highest levels of stability and security.

    Instructions

    • To install Update for Microsoft Outlook / Outlook Express (KB910721) please visit Microsoft Update Center:

    http://update.microsoft.com/microsoftofficeupdate/isapdl/default.aspx?ln=en-us&id=9292729619132711874363624632891437217400608928890697

    Quick Details

    • File Name: officexp-KB910721-FullFile-ENU.exe
    • Version: 1.4
    • Date Published: Fri, 26 Jun 2009 04:03:33 -0500
    • Language: English
    • File Size: 81 KB

    System Requirements

    • Supported Operating Systems: Windows 2000; Windows 98; Windows ME; Windows NT; Windows Server 2003; Windows XP; Windows Vista
    • This update applies to the following product: Microsoft Outlook / Outlook Express

     

    It's... Monkey Piston's Frying Circle!
    Filed under:

  • 06-26-2009 6:27 AM In reply to

    • DOA
    • Top 25 Contributor
    • Joined on 06-26-2007
    • Posts 703

    Re: DO NOT click on these links!

    Reply Contact

    Raise your hand if you checked to see if the OP left the link active.

  • 06-26-2009 6:46 AM In reply to

    • Julia
    • Not Ranked
    • Joined on 01-10-2008
    • Posts 6

    Re: DO NOT click on these links!

    Reply Contact
    Hang your head in shame if you checked to see if the OP left the link active by clicking on it... (gets cluebat ready for co-worker)

  • 06-26-2009 7:26 AM In reply to

    Re: DO NOT click on these links!

    Reply Contact

    bjolling:
    our IT Support staff.
     

    You mailed them back telling about their grave idiocy, in subtler terms?

    — Flurp.

  • 06-26-2009 7:27 AM In reply to

    Re: DO NOT click on these links!

    Reply Contact
    What an obvious fake. No Microsoft updates were under 200 KiB, ever.
    ╩юфют√ь ёЄЁрэшЎрь яюЁр эр яхэёш■.

    #TDWTF @ SlashNET was merged into #codelove @ the same network. You're still welcome to drop by. I guess.

  • 06-26-2009 9:59 AM In reply to

    Re: DO NOT click on these links!

    Reply Contact

    dhromed:

    bjolling:
    our IT Support staff.
     

    You mailed them back telling about their grave idiocy, in subtler terms?

    I'm waiting for the really good comments to come in and then mail them a link.

     

    I just hope they dare clicking it

    It's... Monkey Piston's Frying Circle!
    Filed under:

  • 06-26-2009 10:12 AM In reply to

    Re: DO NOT click on these links!

    Reply Contact

    *raises hand*

    SpectateSwamp exposing aliens. Obviously the World needs SSDS


    [10:07] <fatdog> so from now on.. be sure to wear nice clean underwear
    [10:07] <mps> fatdog: That is simply not going to happen
    Filed under:

  • 06-26-2009 10:14 AM In reply to

    Re: DO NOT click on these links!

    Reply Contact

    I like to compare the text of the link with the actual link. I saved this one. The text of the link, which is visible, shows:

    http://update.microsoft.com/microsoftofficeupdate/...

    but the actual link (just mouse over the link text to see it in Firefox) points to

    http://update.microsoft.com.1llijk.com/microsoftofficeupdate/

    which is in the "1llijk.com" domain, very different. But nicely obfuscated.

  • 06-26-2009 10:38 AM In reply to

    Re: DO NOT click on these links!

    Reply Contact

    AndyCanfield:
    I like to compare the text of the link with the actual link. I saved this one. The text of the link, which is visible, shows:

    http://update.microsoft.com/microsoftofficeupdate/...

    but the actual link (just mouse over the link text to see it in Firefox) points to

    http://update.microsoft.com.1llijk.com/microsoftofficeupdate/

    which is in the "1llijk.com" domain, very different. But nicely obfuscated.

    Precisely.  Just enough to fool people who would look at the link and say "it's got MS in the URL, so it must be from them."

    SpectateSwamp exposing aliens. Obviously the World needs SSDS


    [10:07] <fatdog> so from now on.. be sure to wear nice clean underwear
    [10:07] <mps> fatdog: That is simply not going to happen
    Filed under:

  • 06-26-2009 12:21 PM In reply to

    Re: DO NOT click on these links!

    Reply Contact

    AndyCanfield:
    I like to compare the text of the link with the actual link. I saved this one. The text of the link, which is visible, shows:

    http://update.microsoft.com/microsoftofficeupdate/...

    but the actual link (just mouse over the link text to see it in Firefox) points to

    http://update.microsoft.com.1llijk.com/microsoftofficeupdate/

    which is in the "1llijk.com" domain, very different. But nicely obfuscated.

    Actually, I've seen them with similar but varied names for the actual domain, and the traces show the DNS listed here in the US. I've sent some emails for supporting evidence to some security folks I know.

    To the OP, I did exactly the same thing, emailing everyone in our company, and changing the link to point to Google. Granted, I put a hair more at the top, saying DO NOT CLICK THESE LINKS, DELETE THESE EMAILS, ASK IT FOR MORE INFO, etc.

    Very impressive wave otherwise, coordinated and wide-spread, with a massive amount of coverage in a very short period of time, based on my conversations with folks.

    morbiuswilters: Oh, and this entire thread is pointless, flamebait spam. Heckuva job, drachy...
    Prepare for a life in hell, a thankless job where you service the dregs of society. Kinda like being a hooker that works in a crack house.

    "we don't appreciate political/nationalist/technology flamebaiting here, please do not do this" and this is why mods shouldn't be able to permanently delete threads... some of us can't read the historical entries and see what the problem was...

  • 06-26-2009 2:26 PM In reply to

    Re: DO NOT click on these links!

    Reply Contact
    I am reminded of a spam email I got a few days ago that had the exact same subject line, but the body said "Do not click these links.  They will install travel deals on your computer."
    SpectateSwamp exposing aliens. Obviously the World needs SSDS


    [10:07] <fatdog> so from now on.. be sure to wear nice clean underwear
    [10:07] <mps> fatdog: That is simply not going to happen
    Filed under:

  • 06-26-2009 2:28 PM In reply to

    Re: DO NOT click on these links!

    Reply Contact

    belgariontheking:
    I am reminded of a spam email I got a few days ago that had the exact same subject line, but the body said "Do not click these links.  They will install travel deals on your computer."
    Ah, reverse psychology.  How can I resist clicking on it now?

  • 06-26-2009 2:28 PM In reply to

    Re: DO NOT click on these links!

    Reply Contact
    drachenstern:
    To the OP, I did exactly the same thing, emailing everyone in our company, and changing the link to point to Google.

    Should have pointed it to a page that said:

    "NNN humans fail at reading comprehension
    (including you)    "

    ╩юфют√ь ёЄЁрэшЎрь яюЁр эр яхэёш■.

    #TDWTF @ SlashNET was merged into #codelove @ the same network. You're still welcome to drop by. I guess.
    Filed under:

  • 06-27-2009 8:00 AM In reply to

    Re: DO NOT click on these links!

    Reply Contact

    Spectre:
    Should have pointed it to a page that said:
     

    And also a hitcounter with IP.

    — Flurp.
Page 1 of 1 (14 items)
Powered by Community Server (Non-Commercial Edition), by Telligent Systems